The entire document is dated August 9, 2013 and has no attributable names or contact details in it. Its most striking portion? A separate block of text on page six, which states:

According to figures published by a major tech provider, the Internet carries 1,826 Petabytes of information per day. In its foreign intelligence mission, NSA touches about 1.6% of that. However, of the 1.6% of the data, only 0.025% is actually selected for review. The net effect is that NSA analysts look at 0.00004% of the world’s traffic in conducting their mission—that’s less than one part in a million. Put another way, if a standard basketball court represented the global collection, it would be an area smaller than a dime on that basketball court.

And, nearly directly below that section, the NSA presents its strongest categorical denial of using foreign partners to circumvent American law:

NSA partners with well over 30 different nations in order to conduct its foreign intelligence mission. In every case, NSA does not and will not use a relationship with a foreign intelligence service to ask that service to do what NSA is itself prohibited by law from doing. These partnerships are an important part of the US and allied defense against terrorists, cyber threat actors, and others who threaten our individual and collective security. Both parties to these relationships benefit.

The document begins by referencing the September 11, 2001 attacks on New York and Washington, DC, and notes that the NSA “did not have the tools or the database to search to identify [terrorist] connections and share them with the FBI.” The NSA then argues: “We do not need to sacrifice civil liberties for the sake of national security; both are integral to who we are as Americans. NSA can and will continue to conduct its operations in a manner that respects both.”

And how, pray tell, might an American’s e-mail be accidentally swept up in a dragnet that is ostensibly targeting a foreign suspect?

For example, a US person might be courtesy copied on an e-mail to or from a legitimate foreign target, or a person in the US might be in contact with a known terrorist target. In those cases, minimization procedures adopted by the Attorney General in consultation with the Director of National Intelligence and approved by the Foreign Intelligence Surveillance Court are used to protect the privacy of the US person. These minimization procedures control the acquisition, retention, and dissemination of any US person information incidentally acquired during operations conducted pursuant to Section 702.

Of course, also on Friday, The Guardian published an excerpt from a document leaked by Edward Snowden showing that the NSA has the ability to search Americans’ e-mails—but apparently restrains itself from doing so. The document also notes that Section 215 of the Foreign Intelligence Surveillance Act—the business records provision—is what gives the government the authority to capture telephony metadata.

At the end of the document, the NSA also argues that it has adequate oversight from a number of government agencies—Bruce Schneier probably would disagree with that—and also is able to police itself.

As the NSA concludes:

In addition to NSA’s compliance safeguards, NSA personnel are obligated to report when they believe NSA is not, or may not be, acting consistently with law, policy, or procedure. This self-reporting is part of the culture and fabric of NSA. If NSA is not acting in accordance with law, policy, or procedure, NSA will report through its internal and external intelligence oversight channels, conduct reviews to understand the root cause, and make appropriate adjustments to constantly improve.

Cyrus Farivar
Cyrus is a Senior Tech Policy Reporter at Ars Technica, and is also a radio producer and author. His latest book, Habeas Data, about the legal cases over the last 50 years that have had an outsized impact on surveillance and privacy law in America, is due out in May 2018 from Melville House. Emailcyrus.farivar@arstechnica.com//Twitter@cfarivar

127 Reader Comments

I seriously doubt they're spying on your Netflix queue. According to this page, the average email is 75 KB. So, don't worry, the NSA is only spying on approximately 10 million emails per day.

My point about Netflix HD movies was to make a conservative guess. Consider that by watching an HD video, a person (or analyst) can absorb data at ~3.8Mbits. However, let's say they're reading text. Assume you can read 1 page of text (which is about 1KB) in 1 minute. At that rate, you're only absorbing data at 134bps (less than 1/20,000th of the rate you'd get watching video). Pretty much any sort of "analysis" is going to happen at bitrates measured in bits/sec or kbits/sec.

Assume that an NSA analyst absorbs data at a whopping 1kbit per second (that's about a tweet worth of data per second). Also let's stick with the ~68Mbits of data that they "analyze" each second. That means that you'd need to employ over 200,000 analysts whose job it is to "touch" this data, 8 hours a day, 5 days a a week.

Obviously, they're not employing 200,000 people to look at this data. But the idea that a couple dozen people could do it is absurd. Even if they really can analyze 4Mbits per second per analyst, they'd need to have about 60 analysts working full time just on analyzing data. The chances are the number is much higher.

Bottom line: 740GB/day of data is an enormous amount of data to process. You need a lot of people to do it.

I seriously doubt they're spying on your Netflix queue. According to this page, the average email is 75 KB. So, don't worry, the NSA is only spying on approximately 10 million emails per day.

My point about Netflix HD movies was to make a conservative guess. Consider that by watching an HD video, a person (or analyst) can absorb data at ~3.8Mbits. However, let's say they're reading text. Assume you can read 1 page of text (which is about 1KB) in 1 minute. At that rate, you're only absorbing data at 134bps (less than 1/20,000th of the rate you'd get watching video). Pretty much any sort of "analysis" is going to happen at bitrates measured in bits/sec or kbits/sec.

Assume that an NSA analyst absorbs data at a whopping 1kbit per second (that's about a tweet worth of data per second). Also let's stick with the ~68Mbits of data that they "analyze" each second. That means that you'd need to employ over 200,000 analysts whose job it is to "touch" this data, 8 hours a day, 5 days a a week.

Obviously, they're not employing 200,000 people to look at this data. But the idea that a couple dozen people could do it is absurd. Even if they really can analyze 4Mbits per second per analyst, they'd need to have about 60 analysts working full time just on analyzing data. The chances are the number is much higher.

Bottom line: 740GB/day of data is an enormous amount of data to process. You need a lot of people to do it.

In practice I assume the rate is fairly high due to selective reading. E.g. open an email and skim to determine the topic, you wouldn't normally read the entire text unless something interesting jumps out.

"NSA does not and will not use a relationship with a foreign intelligence service to ask that service to do what NSA is itself prohibited by law from doing"

The trouble with that statement is that we all know for a fact that they very carefully craft their statements to suggest something, while leaving room to allow for the real activity to not get pegged. Sure they don't 'ask' the other countries to do that stuff for them. I believe that. But I also am quite certain that if that country is already doing it, then sharing the information is more than acceptable to them. The statement leaves the door wide open in that regard.

Any Agency that seeks the truth, such as is the NSA's perview, and then the tells the citizens of its own country such nasty half truths, misleading statements and blatant lies (see Clapper's statements in another article) should have its employees imprisoned for such offenses.

With this kind of activity going on in the NSA, we will soon live in a world where Americans will all be hated. Get your overseas vacation trips in now, because the real danger is that the NSA is making the world a much more hostile place for us to live in than it ever was in the past. They aren't saving us (US citizens) from anything, just creating a prison cell that we won't be able to leave without fear of (well justified) violence against us as common citizens just because of where we are from.

Does anyone believe, or know anyone who believes, anything a politician says these days? I'd really, honestly like to know.

Yup. My girlfriend really, truly believes in Obama and everything he says. He, personally, got her pre-existing medical condition approved for coverage, after all. According to her, anything he appears not to have delivered, or done that he shouldn't, is because the Republicans "wouldn't let him do it" or "made him do it."